AMENDMENTS TO THE CLAIMS 



1. (currently amended) Private network apparatus for connecting a user to 
an external internet comprising: 

a plurality of security service pathways each providing a respective 
combination of security service features; 

a service selection dashboard allowing said user to select from a plurality of 
security service features for user traffic to and from said user; 

a network management server coupled to said service selection dashboard 
for storing a subscriber configuration in response to said user selected security service 
features; 

a pass-through router for coupling said user traffic to said external internet 
independently of said security service pathways ; 

a service selection gateway coupled to said user for directing said user 
traffic to and from one of said service selection dashboard, said pass-through router, or 
one of said security service pathways; and 

a security service router for coupling said plurality of security service 
pathways to said external internet; 

wherein said service selection gateway directs said user traffic to said 
service selection dashboard if said subscriber configuration is in an initialized state; 
and 

wherein said service selection gateway directs said user traffic to a 
respective one of said security service pathways or to said pass-through router in 
response to said subscriber configuration after initialization by said service selection 
dashboard. 

2. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a firewall. 
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3. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a virus scanner. 

4. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a content filter. 

5. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a firewall and a content filter. 

6. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a firewall and a virus scanner. 

7. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a content filter and a virus scanner. 

8. (original) The apparatus of claim 1 wherein said security service 
pathways include at least one pathway having a firewall, a content filter, and a virus 
scanner. 

9. (original) The apparatus of claim 1 wherein said security service 
pathways include at least two pathways having firewalls, said firewalls respectively 
providing different grades of firewall protection. 

10. (original) The apparatus of claim 9 comprising three security service 
pathways each including a respective firewall, said firewalls including a first firewall 
providing a high grade firewall protection, a second firewall providing a medium 
grade firewall protection, and a third firewall providing a low grade firewall 
protection. 
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11. (original) The apparatus of claim 10 wherein said low grade firewall 
protection comprises port blocking for outgoing traffic. 



12. (original) The apparatus of claim 10 wherein said medium grade 
firewall protection comprises port blocking for incoming and outgoing traffic. 

13. (original) The apparatus of claim 10 wherein said high grade firewall 
protection comprises port blocking for outgoing traffic and blocking of all incoming 
traffic not initiated by said user. 

14. (currently amended) A method of providing security service in a 
network interface to an external internet, said method comprising the steps of: 

directing a user to a captive portal; 

presenting security service features to said user; 

storing a subscription profile for said user in response to security service 
features selected by said user through said captive portal; 

receiving user traffic from said user destined for said external internet at a 
service selection gateway; 

determining from said subscription profile which security service features to 
apply to said user traffic; 

if said subscription profile for said user includes any security service 
features, then re-directing said user traffic to a particular security service pathway of a 
plurality of security service pathways, said particular security service pathway 
corresponding to said security service features identified by said user profile; and 

if said subscription profile for said user includes no security service 
features, then re-directing said user traffic to a pass-through router te for coupling said 
user traffic to said external internet. 
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15. (original) The method of claim 14 wherein said security service features 
include firewall services, content filtering services, and virus scanning services, and 
wherein each of said security service pathways corresponds to a combination of said 
security service features. 

16. (original) The method of claim 15 wherein said firewall services 
comprise selectable grades of firewall protection including a high grade firewall 
protection, a medium grade firewall protection, and a low grade firewall protection. 

17. (original) The method of claim 16 wherein said low grade firewall 
protection comprises port blocking for outgoing user traffic. 

18. (original) The method of claim 16 wherein said medium grade firewall 
protection comprises port blocking for incoming and outgoing user traffic. 

19. (original) The method of claim 16 wherein said high grade firewall 
protection comprises port blocking for outgoing user traffic and blocking of all 
incoming traffic not initiated by said user. 

20. (new) The apparatus of claim 1 further comprising: 

a user-side switch coupling said service selection gateway to said security 
service pathways; and 

an internet-side switch coupling said security service pathways to said 
security service router. 
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